A secure element is either a tamper-resistant physical component able to store data and to provide services in a secure manner or a software component providing a trusted storage area and trusted services. In general, a secure element has a limited amount of memory, a processor with limited capabilities and is devoid of battery. For instance a UICC (Universal Integrated Circuit Card) is a secure element which embeds SIM applications for telecommunication purposes. A secure element can be installed, fixedly or not, in a terminal, like a mobile phone for example. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.
A secure element can be in the format of a smart card, or may be in any other format such as for example but not limited to a packaged chip as described in PCT/SE2008/050380, or any other format. A UICC can be used in mobile terminals in GSM, CDMA or UMTS networks for instance. The UICC ensures network authentication, integrity and security of all kinds of personal data. The UICC communicates and cooperates with the baseband (also called baseband processor or baseband radio processor) of the terminal equipment.
It is known to solder or weld the secure element in a host device, in order to get it dependent of this host device. This is done in M2M (Machine to Machine) applications. The same objective is reached when a chip (a secure element) containing a Payment application, SIM or USIM applications and files is contained in the host device. The chip is for example soldered to the mother-board of the host device or machine and constitutes an embedded-secure element (eSE).
A secure element may contain a profile which can include a set of applications, a set of personal data and a set of secret data.
The profile could be linked to a subscription. It may contain network access applications (NAA), payment applications or third party applications providing security for a specific service (e.g. NFC applications).
A physical secure element can emulate several virtual secure elements, each one represented as one profile. In such a case, these profiles are called logical profiles or virtual profiles. An emulated profile is hereinafter called virtual profile. Usually each virtual profile is a software based profile.
The invention concerns a way to manage several virtual profiles which are run in a single secure element.
In the state of the art, the basic behaviour to swap a virtual profile to another one is to physically reset the whole secure element (ex: reset as defined by ISO7816-3 standard for a smart card). After this hardware reset, the Operating System of the secure element enables the newly selected virtual profile. Thus only one virtual profile is active at a time in a device session. Moreover, in the swap sequence of the prior art, a proactive Refresh command is sent by the UICC to the host device to request a reboot of the baseband of the host device. The reboot of the baseband allows taking into account the settings of the newly selected virtual profile in the baseband and to reset the UICC. Then, the baseband needs to perform an authentication with the server of the Mobile Network Operator (MNO) to attach to the network. These steps of the swap sequence take a long time during which there is a loss of connectivity between the MNO network and the host device.
There is a need to reduce the duration during which there is a loss of connectivity between the MNO network and the host device.